popular my foot
Couldn't happen to a bigger bunch of jerks.
Popular technology site TechCrunch was hit by potty-mouth hackers late on Monday, leaving the site temporarily unavailable. A notice on TechCrunch.com's front page on Tuesday morning explains that "TechCrunch.com was compromised by a security exploit". Access to the site's story archive has been suspended leaving a two para …
Since the hackers were able to modify TechCrunch's front page, they could have modified the page to link to or embed any code they wish to. As my colleague Graham Cluley has noted, it's lucky that there are no malware on the site.
Imagine the impact if, on Apple's product launch day tomorrow, the hackers embed something like the Gumblar on the site, which happens to be very popular these days:
http://www.sophos.com/blogs/sophoslabs/post/8338
or, a Javascript that launches yet another version of Rogue Antivirus.
Furthermore, with the recent Adobe/Microsoft, etc. vulnerabilities, it's quite possible that many computers have yet to be updated. A multi-exploit malware embedded in the site would have cause much grief.
The end result could get very messy. So TechCrunch readers probably have dodged a bullet here.
Savio Lau, SophosLabs Canada